Overview

overview

10

Static

static

8

URLScan

urlscan

10

https://grapplingwit...

windows10_x64

1

Analysis

  • max time kernel
    133s
  • max time network
    145s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    14-10-2021 10:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://grapplingwiththefutures.com/css/office365/?email=aWdvci5zYWxhdEBiYXllci5jb20=

  • Sample

    211014-mamltsggfn

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://grapplingwiththefutures.com/css/office365/?email=aWdvci5zYWxhdEBiYXllci5jb20=
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:656
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:656 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2792

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
    MD5

    54e9306f95f32e50ccd58af19753d929

    SHA1

    eab9457321f34d4dcf7d4a0ac83edc9131bf7c57

    SHA256

    45f94dceb18a8f738a26da09ce4558995a4fe02b971882e8116fc9b59813bb72

    SHA512

    8711a4d866f21cdf4d4e6131ec4cfaf6821d0d22b90946be8b5a09ab868af0270a89bc326f03b858f0361a83c11a1531b894dfd1945e4812ba429a7558791f4f

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
    MD5

    9ecb9076d94bf95e37017b77bf3947be

    SHA1

    d28c25957ba11396d7e942e85ca41184db7d08cf

    SHA256

    979f1133fc2fff66a2bd1714cf546b3c23998644e9a8e50f637bf2c95c262831

    SHA512

    41fb06f7c430d1ac2182d3f2c90785c196d2a0810814d4c6ceb48f3e35928a7131fa37da4dae2ea5b16dfe09ddc39884f36a9b258292b3090eaf8e6ed3343103

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\JUVFAO8R.cookie
    MD5

    f8646469908df5cc0a506d68de3cb32d

    SHA1

    f67050e579e317343e0afb0c5fab4ecd50568207

    SHA256

    ed2a04397c3e08c7ec03a79c5da7cdad6fbe4d776809381d5f1f827c148eba09

    SHA512

    d0eb357fe788f4184b6ae41fd7cdb087a2563823abf31c35e87bcb5cc5a31f50a759c5b282a57153a6fbdbd78404a7217244b3855197d394423112a4e1d3ad1b

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\SZADB2WG.cookie
    MD5

    77808e662a5a67fb4ce3ae6ab373beff

    SHA1

    c1d3b182f4850c14b04a4db73d0bfe0dbd59ca01

    SHA256

    db545ead6711cd8f9a405c49f7ce04d63d62b99447a1ed907afe829c7649a261

    SHA512

    ff91c222df0efc53e52182744d304e651e45218e471ca9d3ff627429cab737ee29a22f9afdefa924d3728bfaa74f95e7965313467c8ac7bd227426a0c5081fa1

    Download Submit
  • memory/656-140-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-122-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-121-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-146-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-123-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-124-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-126-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-127-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-128-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-130-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-131-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-132-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-134-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-135-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-136-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-148-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-115-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-141-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-114-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-143-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-116-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-120-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-137-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-149-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-150-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-154-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-155-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-156-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-162-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-163-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-164-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-165-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-166-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-167-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-168-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-172-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-174-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-175-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-178-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-119-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-118-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/656-144-0x00007FFDE9FC0000-0x00007FFDEA02B000-memory.dmp
    Filesize

    428KB

    Download
  • memory/2792-139-0x0000000000000000-mapping.dmp
    Download